Facebook, Malware and Stuxnet Top Week's Security News

A look back at the past week's security news touches on Facebook, Gmail and exploit code for a vulnerability exploited by the infamous Stuxnet worm.

The week may have been cut short for some due to
Thanksgiving, but the security news machine kept churning nonetheless.

A report by security firm BitDefender highlighted the
challenge of malicious links and malware on Facebook. According to BitDefender,
more than 20 percent of the people using the company's safego application were
exposed to malicious content in wall posts and news feeds.

"The threats we are talking about are menaces that the
user gets exposed to, like a link that you should not click or a third-party
app that you should not install," Catalin Cosoi, head of BitDefender's online threats lab, told
eWEEK. "Only a small percentage of those threats were actually
linking to malware. Most of the time, these are apps that will promise the user
extra features, or different games, in order to convince you to install them.
Once you do, they will post messages on your behalf [in order to continue
spreading] and will have access to your personal information."

According to a new report from Dasient, 1.2 million Websites
were infected with malware in the third quarter of 2010. Much of that malware
is being spread via drive-by downloads, the firm reported, explaining that the
popularity of Web-based e-mail services such as Microsoft Hotmail and Google
Gmail has resulted in e-mail attachments being scanned by antivirus technology.

Elsewhere in the world of malware, code for one of the
zero-days exploited by the infamous Stuxnet worm was made public online during
the week. The code targets a Windows Task Scheduler vulnerability that can be
used for privilege escalation. The exploit code was added to the Exploit
Database operated by Offensive Security Nov. 20. The flaw is currently
unpatched, but Microsoft said a fix is forthcoming.

Google started the week off with news that it had issued a
fix for a flaw affecting Gmail users. The bug was actually patched Nov. 20
after it was reported by TechCrunch. The issue affected users who visited
the site demonstrating it while they were still logged in to Gmail, and it
reportedly worked regardless of whether the user was browsing in Google
Chrome's "Incognito" mode.

"We quickly fixed the issue in the Google Apps Script API that could have allowed for
e-mails to be sent to Gmail users without their permission if they visited a
specially designed Website while signed into their account," a Google
spokesperson said. "We immediately removed the site that demonstrated this
issue, and disabled the functionality soon after. We encourage responsible
disclosure of potential application security issues to security@google.com."